package com.DHH.Controller;


import com.DHH.Config.Constant;
import com.DHH.Dto.Message;
import com.DHH.Util.VerifyCodeUtils;
import org.apache.shiro.SecurityUtils;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Created by Administrator on 2017/6/3.
 */
@Controller
@RequestMapping("/System")
public class SystemController {
    @ResponseBody
    @RequestMapping("/imgVerification")
    public String getSysManageLoginCode(HttpServletResponse response,
                                        HttpServletRequest request) {
        response.setContentType("image/jpeg");// 设置相应类型,告诉浏览器输出的内容为图片
        response.setHeader("Pragma", "No-cache");// 设置响应头信息，告诉浏览器不要缓存此内容
        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("Set-Cookie", "name=value; HttpOnly");//设置HttpOnly属性,防止Xss攻击
        response.setDateHeader("Expire", 0);
        try{
            String code= VerifyCodeUtils.outputVerifyImage(80,30,response.getOutputStream(),4);
            request.getSession(true).setAttribute(Constant.IDENTIFY_CODE_MARK,code.toLowerCase());
            return "";
        }catch (Exception e) {
            return "error";
        }

    }

    /**
     * 无权限跳转
     * @param request
     * @return
     */
    @RequestMapping("/noPermission")
    public String noPermission(HttpServletRequest request)
    {
        String header = request.getHeader("X-Requested-With");
        if("XMLHttpRequest".equalsIgnoreCase(header)){
            return "redirect:/System/ajaxPermission ";
        }
        return "redirect:/System/ordinaryPermission ";
    }
    @RequestMapping("/ajaxPermission")
    @ResponseBody
    public Message ajaxPermission()
    {
       Message msg=new Message();
       msg.setMsg("操作失败，您没有该服务的操作权限");
       return msg;
    }
    @RequestMapping("/ordinaryPermission")
    public String ordinaryPermission(){
        return "error/403.html";
    }
    @RequestMapping("/systemConfig")
    public String systemConfig(ModelMap modelMap)
    {

        return "admin/systemConfig.jsp";
    }
    @RequestMapping("/loginOut")
    public String loginOut()
    {
        org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject();
        currentUser.logout();
        return "admin/login.jsp";
    }
}
